2 Commits

Author	SHA1	Message	Date
cschantz	f522ba80b7	DEEP AUDIT UPDATE: Found hidden cPanel API dependencies ... CRITICAL NEW FINDINGS: 1. WordPress Cron Manager - CATASTROPHIC - 33 references to /var/cpanel/userdata - 9 references to public_html - Completely relies on cPanel userdata for domain→user lookups - Will be 100% broken on InterWorx without major refactor 2. cPanel API Dependencies - SILENT FAILURES - whmapi1/uapi calls found in 3 modules - These commands DON'T EXIST on InterWorx! - Will fail silently without proper error handling Affected modules: - live-attack-monitor.sh: whmapi1 cphulkd_list_blocks/add_whitelist - enable-cphulk.sh: Multiple whmapi1 calls - system-health-check.sh: whmapi1 in help messages 3. 500-error-tracker.sh - PHP Handler Issues - Reads php_admin_value from /var/cpanel/userdata - InterWorx uses different PHP configuration method UPDATED TOTALS: - Was: 14 modules need fixes - Now: 16 modules need fixes - 3 with critical API dependencies - 1 requires complete refactor (wordpress-cron-manager) SOLUTION DOCUMENTED: - Wrap ALL whmapi1/uapi calls in SYS_CONTROL_PANEL checks - InterWorx has ModSecurity + fail2ban (no CPHulk equivalent) - Must fail gracefully with warnings UPDATED IMPLEMENTATION PLAN: - Phase 3: Security modules + API wrapping - Phase 4: WordPress + website diagnostics (MAJOR REFACTOR) - Phase 5: Monitoring tools - Phase 6: System health conditional checks This audit is now COMPLETE and accurate.	2025-11-19 19:45:07 -05:00
cschantz	f513e5503d	COMPREHENSIVE INTERWORX COMPATIBILITY AUDIT ... Created detailed audit report of ALL 38 toolkit modules. FINDINGS: - ✅ 3 modules already InterWorx compatible - ⚠️ 14 modules need InterWorx fixes - ✓ 21 modules are control panel agnostic CRITICAL ISSUES IDENTIFIED: 1. Security Modules (Priority 1) - live-attack-monitor.sh: Hardcoded domlogs path - malware-scanner.sh: Hardcoded public_html, cPanel paths - optimize-ct-limit.sh: Wrong fallback path 2. Website Diagnostics (Priority 2) - website-error-analyzer.sh: Heavy cPanel dependencies - 500-error-tracker.sh: /var/cpanel/users/* lookups 3. Monitoring Tools (Priority 3) - web-traffic-monitor.sh: Hardcoded domlogs - tail-apache-access.sh: Hardcoded paths - tail-apache-error.sh: Hardcoded paths - network-bandwidth-analyzer.sh: Hardcoded log detection KEY PATH DIFFERENCES DOCUMENTED: - Access logs: /var/log/apache2/domlogs/domain → /home/user/var/domain/logs/access_log - Document root: /home/user/public_html → /home/user/domain.com/html - Error logs: Different per-domain structure - User config: /var/cpanel/users/* → NodeWorx API/vhost configs STANDARD FIX PATTERN DEFINED: 1. Use SYS_LOG_DIR from system-detect.sh 2. Use get_user_info()/get_user_domains() from user-manager.sh 3. Support both cPanel and InterWorx document root patterns 4. Add InterWorx-specific log discovery IMPLEMENTATION PLAN: - Phase 3: Critical security modules (3 modules) - Phase 4: Website diagnostics (2 modules) - Phase 5: Monitoring tools (4 modules) - Phase 6: System health check (1 module) Estimated effort: 8 hours for full InterWorx parity REPORT LOCATION: INTERWORX_COMPATIBILITY_AUDIT.md	2025-11-19 18:57:11 -05:00